Information Rights Management
Encyclopedia
Information Rights Management (IRM) is a term that applies to a technology which protects sensitive information from unauthorised access. It is sometimes referred to as (E-DRM) or Enterprise Digital Rights Management. This can cause confusion because Digital Rights Management
(DRM) technologies are typically associated with business to consumer systems designed to protect rich media such as music and video. IRM is a technology which allows for information (mostly in the form of documents) to be ‘remote controlled’. This means that information and its control can now be separately created, viewed, edited & distributed.
Some existing IRM systems have been ongoing development of DRM style systems, however a true IRM system will have some important differences and is typically used to protect information in a business to business model, such as financial data, intellectual property and executive communications. IRM currently applies mainly to documents and emails.
IRM technologies allow for several levels of security
. Functionality offered by IRM usually comprises:
An example of IRM in use would be to secure a sensitive engineering document being distributed in an environment where the document's recipients could not necessarily be trusted. Alternatively, an e-mail could be secured with IRM, so if it accidentally is forwarded to an untrusted party, only authorised users would gain access. Note that a well designed IRM system will not limit the ability for information to be shared, rather rules are only enforced when people attempt to gain access. This is important as often people share sensitive information with users who should legitimately have access but don't, and the technology needs to facilitate the easy request of access back to the business owners.
IRM is far more secure than shared secret passwords, key management is used to protect the information whilst it is at rest on a hard disk, network drive or other storage device. Crucially IRM continues to protect and control access to the document when it is in use. Functionality such as preventing screen shots, disallowing the copying of data from the secure document to an insecure environment and guarding the information from programmatic attack, are key elements of an effective IRM solution.
Information Rights Management is also known by the following names:
Digital rights management
Digital rights management is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that...
(DRM) technologies are typically associated with business to consumer systems designed to protect rich media such as music and video. IRM is a technology which allows for information (mostly in the form of documents) to be ‘remote controlled’. This means that information and its control can now be separately created, viewed, edited & distributed.
Some existing IRM systems have been ongoing development of DRM style systems, however a true IRM system will have some important differences and is typically used to protect information in a business to business model, such as financial data, intellectual property and executive communications. IRM currently applies mainly to documents and emails.
IRM technologies allow for several levels of security
Security
Security is the degree of protection against danger, damage, loss, and crime. Security as a form of protection are structures and processes that provide or improve security as a condition. The Institute for Security and Open Methodologies in the OSSTMM 3 defines security as "a form of protection...
. Functionality offered by IRM usually comprises:
- Industry standard encryption of the information.
- Strong in use protection, such as controlling copy & paste, preventing screen shots and printing.
- A rights model/policy which allows for easy mapping of business classifications to information.
- Offline use allowing for users to create/access IRM sealed documents without needing network access for certain periods of time.
- Full auditing of both access to documents as well as changes to the rights/policy by business users
An example of IRM in use would be to secure a sensitive engineering document being distributed in an environment where the document's recipients could not necessarily be trusted. Alternatively, an e-mail could be secured with IRM, so if it accidentally is forwarded to an untrusted party, only authorised users would gain access. Note that a well designed IRM system will not limit the ability for information to be shared, rather rules are only enforced when people attempt to gain access. This is important as often people share sensitive information with users who should legitimately have access but don't, and the technology needs to facilitate the easy request of access back to the business owners.
IRM is far more secure than shared secret passwords, key management is used to protect the information whilst it is at rest on a hard disk, network drive or other storage device. Crucially IRM continues to protect and control access to the document when it is in use. Functionality such as preventing screen shots, disallowing the copying of data from the secure document to an insecure environment and guarding the information from programmatic attack, are key elements of an effective IRM solution.
Information Rights Management is also known by the following names:
- Enterprise Rights Management.
- Enterprise DRM or Enterprise Digital Rights Management.
- Document Rights Management.
- Intelligent Rights Management.